Free Online ROP Gadgets Search

ropshell> use 911ddf2e16761643a47225f654d811e5 (download)
name         : ntdll.dll (i386/PE)
base address : 0x7c901000
total gadgets: 6968

ropshell> search xchg r32 esp %
found 13 gadgets
> 0x7c918bfe : xchg eax, esp; ret
> 0x7c95aa36 : xchg eax, esp; sub edi, ebx; dec ecx; ret 0xc
> 0x7c93bf35 : xchg eax, esp; xor eax, eax; inc eax; ret
> 0x7c901608 : xchg eax, esp; mov eax, [eax]; push eax; ret
> 0x7c95e2d8 : xchg eax, esp; add [eax], al; add [ebx], bh; ret
> 0x7c946817 : xchg eax, esp; std ; call [ebx + 0x58]
> 0x7c9467bf : xchg eax, esp; std ; call [edx + 0x51]
> 0x7c946748 : xchg eax, esp; std ; call [esi + 0xffffffff]
> 0x7c910648 : xchg eax, esp; or bh, bh; call [ebx + 0xffffffff]
> 0x7c90e8ae : xchg eax, esp; pop esi; pop edi; lea eax, [edx + 0xffffffff]; pop ebx; ret
> 0x7c90d79f : xchg eax, esp; add [eax], al; add [edx + 0x7ffe0300], bh; call [edx]; ret 0x14
> 0x7c90e360 : xchg eax, esp; add [eax], al; add [edx + 0xffffffc3], bl; fldcw [esp]; pop edx; ret
> 0x7c90d79f : xchg eax, esp; add [eax], al; add [edx + 0x7ffe0300], bh; call [edx]